2026 - Page 2521 of 7466

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-7738 Upstream summary: In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-28054 Upstream summary: Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict (relative to some mail user agents) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-5188 CVE-2017-9268 CVE-2018-12466 CVE-2018-12467 CVE-2018-12479 CVE-2018-7688 CVE-2018-7689 CVE-2020-8020  +2 more Upstream summary: The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1956 Upstream summary: ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files. Table of contents Symptom & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-7182 CVE-2019-6442 CVE-2019-6443 CVE-2019-6444 CVE-2019-6445 CVE-2021-22212 CVE-2023-4012 Upstream summary: The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-7651 CVE-2021-27290 Upstream summary: index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-6792 Upstream summary: system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0601 CVE-2004-2687 Upstream summary: distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-4406 CVE-2012-2737 CVE-2012-6655 CVE-2018-14036 Upstream summary: The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-33635 Upstream summary: iCalendar is a Ruby library for dealing with iCalendar files in the iCalendar format defined by RFC-5545. Starting in version 2.0.0 and prior to version […]